package com.example.hotelsystem.config;


import org.apache.shiro.authc.Authenticator;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.authz.Authorizer;
import org.apache.shiro.authz.ModularRealmAuthorizer;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.session.SessionListener;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.Map;


@Configuration
public class ShiroConfig {


    //shiroFilterFactoryBean
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager")DefaultWebSecurityManager defaultWebSecurityManager){
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();

        //设置安全管理器
        bean.setSecurityManager(defaultWebSecurityManager);
        //添加shiro的内置过滤器
        /*
            anon: 无需认证就可访问
            authc：必须认证才能访问
            user：必须拥有记住我功能才能访问
            perms: 拥有对某个资源的权限才能访问
                role:拥有某个角色权限才能访问
       */

        Map<String, String> filterMap = new LinkedHashMap<>();



        //授权
//        filterMap.put("/hotelsystem/user/view","authc");
//        filterMap.put("/hotelsystem/user/view","perms[用户详情]");
//        filterMap.put("/hotelsystem/order/create","authc");
//        filterMap.put("/hotelsystem/order/pay","authc");
//        filterMap.put("/hotelsystem/order/userOrders","authc");
        //设置登出
//        filterMap.put("/logout", "logout");

        //设置未授权页面
        bean.setLoginUrl("/unlogin");
        bean.setUnauthorizedUrl("/unauthorized");

        bean.setFilterChainDefinitionMap(filterMap);

        //设置登录请求


        return bean;
    }




    //DafaultWebSecurituManager
    @Bean(name="securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //关联UserRealm
        securityManager.setRealm(userRealm);

        return securityManager;
    }


    //创建realm对象 ，需要自定义
    @Bean(name = "userRealm")
    public UserRealm userRealm(){
        return new UserRealm();
    }

    @Bean
    public Authorizer authorizer(UserRealm userRealm){
        ModularRealmAuthorizer authorizer = new ModularRealmAuthorizer();
        Collection<Realm> crealms = new ArrayList<>();
        crealms.add(userRealm);
        authorizer.setRealms(crealms);
        return authorizer;
    }

    @Bean
    public Authenticator authenticator(UserRealm userRealm){
        ModularRealmAuthenticator authenticator = new ModularRealmAuthenticator();
        Collection<Realm> crealms = new ArrayList<>();
        crealms.add(userRealm);
        authenticator.setRealms(crealms);
        return authenticator;
    }




}
